OSPF calculates the metric for each destination by adding up the cost of the outgoing interface. By default, OSPF has a parameter called reference-bandwidth, which is used to calculate the cost of each interface. The formula is reference_bandwidth/interface_bandwidth.

Reference-bandwidth defaults to 100Mbps; therefore, a Fast Ethernet interface will have a cost of 1. In today’s networks, you will find speeds higher than 100Mbps. If this happens, then the cost will be set to 1, making OSPF treat Fast Ethernet and Gigabit Ethernet interfaces equally.

Authentication is the most important optional feature of OSPF. Without authentication, an attacker can connect a router in the network and make all the routers from the network to remove the legitimate routes and install the routes advertised by this rogue device.

OSPF supports three type of authentication:

Type 0 – Null authentication(no authentication)

Type 1 – Simple text( the password is sent as clear text)

Type 2 – MD5 authentication

Due to the fact that in case of Type 1, the password is sent in clear text, is always recommended to configure MD5 authentication. Once the authentication is configured, then the neighbour router should be configured with the same authentication type and the same password.

The configuration of authentication requires two commands on the interface: one that specifies the type of authentication and one that specifies the password.

If you have many interfaces in the same area and you don’t want to spend time on configuring each and every interface with the authentication type, you can enable the authentication at area level.

Let assume that R2 will use MD5 configuration for all interfaces from area 1. Then, instead of going to each interface and specify that interface will use MD5 authentication, we will just apply commands at area level:

Keep in mind that the command specifying the password should still be configured under each interface.

In this second part of the OSPF article, we saw how we can change some of the OSPF parameters. Remember that changing few of them (like hello timers or authentication) on one router and not on the other will lead to OSPF adjacency to go down.

Before changing and default parameters, always try to understand why you need them to be changed. What will be your benefit and what can be the drawbacks of changing them?

Paris Arau is a network engineer with extensive knowledge of Cisco and Juniper routing and switching platforms. He is CCIE R&S and dual JNCIE(SP and ENT). With a strong service provider and enterprise background, he is working on a daily basis with cutting-edge technologies. He also writes about routing and switching technologies, cloud computing, virtualization at his personal blog, http://nextheader.net.

About Intense

Intense School has been providing accelerated IT training and certification for over 12 years to more than 45,000 IT and Information Security professionals worldwide. Come see why we have the highest pass rates in the industry!

Join our newsletter

File download

First Name

Last Name

Work Phone Number

Work Email Address

Job Title

How will you fund your training?

Why Take This Training?

What is your timeline for training?

InfoSec institute respects your privacy and will never use your personal information for anything other than to notify you of your requested course pricing. We will never sell your information to third parties. You will not be spammed.

Comments

What is Skillset?

Skillset

Practice tests & assessments.

Practice for certification success with the Skillset library of over 100,000 practice test questions. We analyze your responses and can determine when you are ready to sit for the test. Along your journey to exam readiness, we will:

1. Determine which required skills your knowledge is sufficient
2. Which required skills you need to work on
3. Recommend specific skills to practice on next
4. Track your progress towards a certification exam